diff options
-rw-r--r-- | feed.php | 87 | ||||
-rw-r--r-- | include/common.inc.php | 12 | ||||
-rw-r--r-- | include/functions_session.inc.php | 19 | ||||
-rw-r--r-- | include/functions_url.inc.php | 23 | ||||
-rw-r--r-- | include/picture_comment.inc.php | 5 | ||||
-rw-r--r-- | language/en_UK.iso-8859-1/common.lang.php | 3 | ||||
-rw-r--r-- | language/fr_FR.iso-8859-1/common.lang.php | 3 | ||||
-rw-r--r-- | notification.php | 14 | ||||
-rw-r--r-- | register.php | 2 | ||||
-rw-r--r-- | ws.php | 10 |
10 files changed, 97 insertions, 81 deletions
@@ -88,50 +88,44 @@ function ts_to_iso8601($ts) // | initialization | // +-----------------------------------------------------------------------+ -// clean $user array (include/user.inc.php has been executed) -$user = array(); +$feed_id= isset($_GET['feed']) ? $_GET['feed'] : ''; +$image_only=isset($_GET['image_only']); // echo '<pre>'.generate_key(50).'</pre>'; -if (isset($_GET['feed']) - and preg_match('/^[A-Za-z0-9]{50}$/', $_GET['feed'])) +if ( !empty($feed_id) ) { $query = ' -SELECT uf.user_id AS id, - ui.status, - uf.last_check, - u.'.$conf['user_fields']['username'].' AS username - FROM '.USER_FEED_TABLE.' AS uf - INNER JOIN '.USER_INFOS_TABLE.' AS ui - ON ui.user_id = uf.user_id - INNER JOIN '.USERS_TABLE.' AS u - ON u.'.$conf['user_fields']['id'].' = uf.user_id - WHERE uf.id = \''.$_GET['feed'].'\' +SELECT user_id, + last_check + FROM '.USER_FEED_TABLE.' + WHERE id = \''.$feed_id.'\' ;'; - $user = mysql_fetch_array(pwg_query($query)); -} - -if ( empty($user) ) -{ - page_not_found('Unknown/missing feed identifier'); + $feed_row = mysql_fetch_assoc(pwg_query($query)); + if ( empty($feed_row) ) + { + page_not_found('Unknown/missing feed identifier'); + } + if ($feed_row['user_id']!=$user['id']) + { // new user + $user = array(); + $user = build_user( $feed_row['user_id'], true ); + } } - -$user['forbidden_categories'] = calculate_permissions($user['id'], - $user['status']); -if ('' == $user['forbidden_categories']) +else { - $user['forbidden_categories'] = '0'; + $image_only = true; + if (!$user['is_the_guest']) + {// auto session was created - so switch to guest + $user = array(); + $user = build_user( $conf['guest_id'], true ); + } } list($dbnow) = mysql_fetch_row(pwg_query('SELECT NOW();')); include_once(PHPWG_ROOT_PATH.'include/feedcreator.class.php'); -$base_url = get_host_url().cookie_path(); -if ( strrpos($base_url, '/') !== strlen($base_url)-1 ) -{ - $base_url .= '/'; -} -$page['root_path']=$base_url; +set_make_full_url(); $rss = new UniversalFeedCreator(); @@ -144,9 +138,9 @@ $rss->link = $conf['gallery_url']; // | Feed creation | // +-----------------------------------------------------------------------+ -if ( !isset($_GET['image_only']) ) +if (!$image_only) { - $news = news($user['last_check'], $dbnow, true, true); + $news = news($feed_row['last_check'], $dbnow, true, true); if (count($news) > 0) { @@ -173,19 +167,22 @@ if ( !isset($_GET['image_only']) ) $query = ' UPDATE '.USER_FEED_TABLE.' SET last_check = \''.$dbnow.'\' - WHERE id = \''.$_GET['feed'].'\' + WHERE id = \''.$feed_id.'\' ;'; pwg_query($query); } } else -{ // update the last check to avoid deletion by maintenance task - $query = ' -UPDATE '.USER_FEED_TABLE.' - SET last_check = \''.$dbnow.'\' - WHERE id = \''.$_GET['feed'].'\' -;'; - pwg_query($query); +{ + if ( !empty($feed_id) ) + {// update the last check to avoid deletion by maintenance task + $query = ' + UPDATE '.USER_FEED_TABLE.' + SET last_check = \''.$dbnow.'\' + WHERE id = \''.$feed_id.'\' + ;'; + pwg_query($query); + } } $dates = get_recent_post_dates( 5, 6, 6); @@ -195,7 +192,7 @@ foreach($dates as $date_detail) $date = $date_detail['date_available']; $exploded_date = explode_mysqldt($date); $item = new FeedItem(); - $item->title = l10n_dec('%d element added', '%d elements added', $date_detail['nb_elements']); + $item->title = l10n_dec('%d new element', '%d new elements', $date_detail['nb_elements']); $item->title .= ' ('.$lang['month'][(int)$exploded_date['month']].' '.$exploded_date['day'].')'; $item->link = make_index_url( array( @@ -211,7 +208,7 @@ foreach($dates as $date_detail) $item->description .= '<li>' - .l10n_dec('%d element added', '%d elements added', $date_detail['nb_elements']) + .l10n_dec('%d new element', '%d new elements', $date_detail['nb_elements']) .' (' .'<a href="'.make_index_url(array('section'=>'recent_pics')).'">' .l10n('recent_pics_cat').'</a>' @@ -238,8 +235,8 @@ foreach($dates as $date_detail) '<li>' .get_cat_display_name_cache($cat['uppercats']) .' ('. - l10n_dec('%d element added', - '%d elements added', $cat['img_count']).')' + l10n_dec('%d new element', + '%d new elements', $cat['img_count']).')' .'</li>'; } $item->description .= '</ul>'; diff --git a/include/common.inc.php b/include/common.inc.php index aea694639..d65b69641 100644 --- a/include/common.inc.php +++ b/include/common.inc.php @@ -179,10 +179,8 @@ if ($conf['gallery_locked']) if ( script_basename() != 'identification' and !is_admin() ) { - //next line required if PATH_INFO (no ? in url) but won't work for scripts outside PWG - $page['root_path'] = cookie_path(); echo $lang['gallery_locked_message'] - .'<a href="'.get_root_url().'identification.php">.</a>'; + .'<a href="'.get_absolute_root_url(false).'identification.php">.</a>'; exit(); } } @@ -197,9 +195,7 @@ if ($user['is_the_guest'] and !$conf['guest_access'] ) ) { - //next line required if PATH_INFO (no ? in url) but won't work for scripts outside PWG - $page['root_path'] = cookie_path(); - redirect (get_root_url().'identification.php'); + redirect (get_absolute_root_url(false).'identification.php'); } if ($conf['check_upgrade_feed'] @@ -220,10 +216,8 @@ SELECT id // which upgrades need to be applied? if (count(array_diff($existing, $applied)) > 0) { - //next line required if PATH_INFO (no ? in url) but won't work for scripts outside PWG - $page['root_path'] = cookie_path(); $header_msgs[] = 'Some database upgrades are missing, ' - .'<a href="'.get_root_url().'upgrade_feed.php">upgrade now</a>'; + .'<a href="'.get_absolute_root_url(false).'upgrade_feed.php">upgrade now</a>'; } } diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php index ba1820028..d02fea3ae 100644 --- a/include/functions_session.inc.php +++ b/include/functions_session.inc.php @@ -111,8 +111,25 @@ function cookie_path() $scr = $_SERVER['SCRIPT_NAME']; } $scr = substr($scr,0,strrpos( $scr,'/')); + // add a trailing '/' if needed - return ($scr{strlen($scr)-1} == '/') ? $scr : $scr . '/'; + $scr .= ($scr{strlen($scr)-1} == '/') ? '' : '/'; + + if ( substr(PHPWG_ROOT_PATH,0,3)=='../') + { // this is maybe a plugin inside pwg directory + // TODO - what if it is an external script outside PWG ? + $scr = $scr.PHPWG_ROOT_PATH; + while (1) + { + $new = preg_replace('#[^/]+/\.\.(/|$)#', '', $scr); + if ($new==$scr) + { + break; + } + $scr=$new; + } + } + return $scr; } /** diff --git a/include/functions_url.inc.php b/include/functions_url.inc.php index 1410243da..376d4f4e9 100644 --- a/include/functions_url.inc.php +++ b/include/functions_url.inc.php @@ -38,7 +38,7 @@ function get_root_url() $root_url = $page['root_path']; } else - { + {// TODO - add HERE the possibility to call PWG functions from external scripts $root_url = PHPWG_ROOT_PATH; } if ( dirname($root_url)!='.' ) @@ -52,17 +52,22 @@ function get_root_url() } /** - * returns the url of the current host (e.g. http://www.toto.com ) - * TODO: if required by someone, treat https case + * returns the absolute url to the root of PWG + * @param boolean with_scheme if false - does not add http://toto.com */ -function get_host_url() +function get_absolute_root_url($with_scheme=true) { - $url = "http://"; - $url .= $_SERVER['HTTP_HOST']; - if ($_SERVER['SERVER_PORT']!=80) + // TODO - add HERE the possibility to call PWG functions from external scripts + $url = ''; + if ($with_scheme) { - $url .= ':'.$_SERVER['SERVER_PORT']; + $url .= 'http://'.$_SERVER['HTTP_HOST']; + if ($_SERVER['SERVER_PORT']!=80) + { + $url .= ':'.$_SERVER['SERVER_PORT']; + } } + $url .= cookie_path(); return $url; } @@ -419,7 +424,7 @@ function set_make_full_url() $page['save_root_path']['path'] = $page['root_path']; } $page['save_root_path']['count'] = 1; - $page['root_path'] = get_host_url().cookie_path(); + $page['root_path'] = get_absolute_root_url(); } else { diff --git a/include/picture_comment.inc.php b/include/picture_comment.inc.php index faf1d9d7d..194e715c8 100644 --- a/include/picture_comment.inc.php +++ b/include/picture_comment.inc.php @@ -209,8 +209,7 @@ if ( $page['show_comments'] and isset( $_POST['content'] ) ) { include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php'); - $del_url = get_host_url().cookie_path() - .'comments.php?delete='.$comm['id']; + $del_url = get_absolute_root_url().'comments.php?delete='.$comm['id']; $content = 'Author: '.$comm['author']."\n" @@ -221,7 +220,7 @@ if ( $page['show_comments'] and isset( $_POST['content'] ) ) if ($comment_action!='validate') { $content .= - 'Validate: '.get_host_url().cookie_path() + 'Validate: '.get_absolute_root_url() .'comments.php?validate='.$comm['id']; } pwg_mail( get_webmaster_mail_address(), '', diff --git a/language/en_UK.iso-8859-1/common.lang.php b/language/en_UK.iso-8859-1/common.lang.php index aaf550866..4a11f897b 100644 --- a/language/en_UK.iso-8859-1/common.lang.php +++ b/language/en_UK.iso-8859-1/common.lang.php @@ -301,12 +301,9 @@ $lang['%d new comment'] = '%d new comment'; $lang['%d new comments'] = '%d new comments'; $lang['%d new element'] = '%d new element'; $lang['%d new elements'] = '%d new elements'; -$lang['%d element added'] = '%d element added'; -$lang['%d elements added'] = '%d elements added'; $lang['%d new user'] = '%d new user'; $lang['%d new users'] = '%d new users'; $lang['%d pictures are also linked to current tags'] = '%d pictures are also linked to current tags'; -$lang['%d pictures'] = '%d pictures'; $lang['%d waiting element'] = '%d waiting element'; $lang['%d waiting elements'] = '%d waiting elements'; $lang['About'] = 'About'; diff --git a/language/fr_FR.iso-8859-1/common.lang.php b/language/fr_FR.iso-8859-1/common.lang.php index a93e62efb..0ab1dda62 100644 --- a/language/fr_FR.iso-8859-1/common.lang.php +++ b/language/fr_FR.iso-8859-1/common.lang.php @@ -301,12 +301,9 @@ $lang['%d new comment'] = '%d nouveau commentaire utilisateur'; $lang['%d new comments'] = '%d nouveaux commentaires utilisateur'; $lang['%d new element'] = '%d nouvel élément'; $lang['%d new elements'] = '%d nouveaux éléments'; -$lang['%d element added'] = '%d élément ajouté'; -$lang['%d elements added'] = '%d éléments ajoutés'; $lang['%d new user'] = '%d nouvel utilisateur'; $lang['%d new users'] = '%d nouveaux utilisateurs'; $lang['%d pictures are also linked to current tags'] = '%d images sont également liées aux tags courants'; -$lang['%d pictures'] = '%d images'; $lang['%d waiting element'] = '%d élément en attente'; $lang['%d waiting elements'] = '%d éléments en attente'; $lang['About'] = 'À propos'; diff --git a/notification.php b/notification.php index a1250428c..4154501c9 100644 --- a/notification.php +++ b/notification.php @@ -51,8 +51,18 @@ INSERT INTO '.USER_FEED_TABLE.' ;'; pwg_query($query); -$feed_url=PHPWG_ROOT_PATH.'feed.php?feed='.$page['feed']; -$feed_image_only_url=$feed_url.'&image_only'; + +$feed_url=PHPWG_ROOT_PATH.'feed.php'; +if ($user['is_the_guest']) +{ + $feed_image_only_url=$feed_url; + $feed_url .= '?feed='.$page['feed']; +} +else +{ + $feed_url .= '?feed='.$page['feed']; + $feed_image_only_url=$feed_url.'&image_only'; +} // +-----------------------------------------------------------------------+ // | template initialization | diff --git a/register.php b/register.php index 55d0b226c..aeb98fbd9 100644 --- a/register.php +++ b/register.php @@ -60,7 +60,7 @@ if (isset($_POST['submit'])) { include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php'); $username = $_POST['login']; - $admin_url = get_host_url().cookie_path() + $admin_url = get_absolute_root_url(). .'admin.php?page=user_list&username='.$username; $content = @@ -4,10 +4,10 @@ // | Copyright (C) 2003-2007 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) -// | file : $URL: svn+ssh://rvelices@svn.gna.org/svn/phpwebgallery/trunk/action.php $ -// | last update : $Date: 2006-12-21 18:49:12 -0500 (Thu, 21 Dec 2006) $ -// | last modifier : $Author: rvelices $ -// | revision : $Rev: 1678 $ +// | file : $Id$ +// | last update : $Date$ +// | last modifier : $Author$ +// | revision : $Rev$ // +-----------------------------------------------------------------------+ // | This program is free software; you can redistribute it and/or modify | // | it under the terms of the GNU General Public License as published by | @@ -177,7 +177,7 @@ if (!is_null($responseFormat)) $service->setEncoder($responseFormat, $encoder); } -$page['root_path']=get_host_url().cookie_path(); +set_make_full_url(); $service->run(); ?> |